Installing Exim, ClamAV, SpamAssassin and Greylistd

Once the installation is complete, we continue with the configuration of the components.

Populating ClamAV database

The initial virus database should be downloaded before ClamAV can be started. We download the current database by executing the following command in a “root” shell.

freshclam

To automatically update the ClamAV virus database, we start the clamav-freshclam service by executing the following command in a “root” shell.

service clamav-freshclam start

To start the ClamAV scanning daemon (clamd), we start the clamav-daemon service by executing the following command in a “root” shell.

service clamav-daemon start

Configuring SpamAssassin

The configuration of SpamAssassin is defined in the /etc/default/spamassassin file. To activate SpamAssassin, we set the value of ENABLED to 1, as shown below.

ENABLED=1

To automatically update the rules on a nightly basis, we set the value of CRON to 1, as shown below.

CRON=1

Configuring Greylistd

We activate Greylistd by executing the following command in a “root” shell.

greylistd-setup-exim4 add

Configuring ClamAV

To enable ClamAV to scan the mail spool directory, the user clamav should be added to the group Debian-exim. We add the user to the group by executing the following command in a “root” shell.

adduser clamav Debian-exim

The mail spool directory should also be writable by the group, and its setgid bit should be set so that any new files created in the directory are assigned the group Debian-exim. We set the permissions by executing the following commands in a “root” shell.

chmod -Rf g+w /var/spool/exim4
chmod -Rf g+s /var/spool/exim4

We need to confirm that the /etc/clamav/clamd.conf file contains the following; if it doesn’t, we need to set it.

AllowSupplementaryGroups true

To activate the new configuration, we restart the clamav-daemon service by executing the following command in a “root” shell.

service clamav-daemon restart

Configuring Exim

ClamAV

To enable ClamAV in Exim, we edit the /etc/exim4/exim4.conf.template file by uncommenting the following line. If our Exim configuration is split, we edit the /etc/exim4/conf.d/main/02_exim4-config_options file.

av_scanner = clamd:/var/run/clamav/clamd.ctl

To define the error message returned, we edit the /etc/exim4/exim4.conf.template file as follows. If our Exim configuration is split, we edit the /etc/exim4/conf.d/acl/40_exim4-config_check_data file.

# Deny if the message contains malware. Before enabling this check, you
# must install a virus scanner and set the av_scanner option in the
# main configuration.
#
# exim4-daemon-heavy must be used for this section to work.
#
deny
  malware = *
  message = This message was detected as possible malware ($malware_name).

SpamAssassin

To enable SpamAssassin in Exim, we edit the /etc/exim4/exim4.conf.template file by uncommenting the following line. If our Exim configuration is split, we edit the /etc/exim4/conf.d/main/02_exim4-config_options file.

spamd_address = 127.0.0.1 783

To define the error message returned, we edit the /etc/exim4/exim4.conf.template file as follows. If our Exim configuration is split, we edit the /etc/exim4/conf.d/acl/40_exim4-config_check_data file.

# Add headers to a message if it is judged to be spam. Before enabling this,
# you must install SpamAssassin. You also need to set the spamd_address
# option in the main configuration.
#
# exim4-daemon-heavy must be used for this section to work.
#
# Please note that this is only suitable as an example. There are
# multiple issues with this configuration method. For example, if you go
# this way, you'll give your spamassassin daemon write access to the
# entire exim spool which might be a security issue in case of a
# spamassassin exploit.
#
# See the exim docs and the exim wiki for more suitable examples.
#
warn
  spam = Debian-exim:true
  add_header = X-Spam_score: $spam_score\n\
               X-Spam_score_int: $spam_score_int\n\
               X-Spam_bar: $spam_bar\n\
               X-Spam_report: $spam_report

To reconfigure Exim, we execute the following command in a “root” shell.

dpkg-reconfigure exim4-config

To activate the new configuration, we reload the exim4 service by executing the following command in a “root” shell.

service exim4 reload
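
The settings changed on this page can be verified after the reload with a short audit script. This is an added example, not part of the original article; the function names (has_setting, group_has_member, audit_mail_filter) are hypothetical, and the ROOT argument is an assumption that lets the checks run against a copy of the configuration tree.

```shell
#!/bin/sh
# Added example (not from the original article): audit the settings this page
# changes. Function names are hypothetical; ROOT lets it run on a copy.

# has_setting FILE REGEX: true if an uncommented line of FILE matches REGEX.
has_setting() {
    grep -Eq "^[[:space:]]*${2}[[:space:]]*\$" "$1"
}

# group_has_member GROUPFILE GROUP USER: true if USER is listed as a member
# of GROUP in an /etc/group-format file.
group_has_member() {
    awk -F: -v g="$2" -v u="$3" '
        $1 == g { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) found = 1 }
        END { exit !found }' "$1"
}

# audit_mail_filter ROOT [EXIM_OPTIONS_FILE]: run every check against the
# files under ROOT ("/" on the server). Prints one line per check and
# returns the number of failed checks.
audit_mail_filter() {
    root=${1%/}
    exim=$root/${2:-etc/exim4/exim4.conf.template}
    fails=0
    check() {   # check DESCRIPTION COMMAND [ARGS...]
        desc=$1; shift
        if "$@" 2>/dev/null; then echo "ok   $desc"
        else echo "FAIL $desc"; fails=$((fails + 1)); fi
    }
    check "SpamAssassin ENABLED=1" has_setting "$root/etc/default/spamassassin" 'ENABLED=1'
    check "SpamAssassin CRON=1" has_setting "$root/etc/default/spamassassin" 'CRON=1'
    check "clamd AllowSupplementaryGroups" has_setting "$root/etc/clamav/clamd.conf" \
        'AllowSupplementaryGroups[[:space:]]+true'
    check "clamav in group Debian-exim" group_has_member "$root/etc/group" Debian-exim clamav
    check "Exim av_scanner set" has_setting "$exim" \
        'av_scanner[[:space:]]*=[[:space:]]*clamd:/var/run/clamav/clamd\.ctl'
    check "Exim spamd_address set" has_setting "$exim" \
        'spamd_address[[:space:]]*=[[:space:]]*127\.0\.0\.1[[:space:]]+783'
    return "$fails"
}
```

On the server, source the script and call audit_mail_filter / in a “root” shell; for a split Exim configuration, pass etc/exim4/conf.d/main/02_exim4-config_options as the second argument.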


In this series of articles, we will be setting up a new development environment under Debian 7.5. This will include a base server operating system, GUI Desktop Environment, Network Time Server, DNS server, Mail server, Database server and Web server. We will also be hosting our own Version Control System with integration into a Project Management and Issue and Time Tracking solution. We will also require our own Certificate Authority to request and sign digital certificates to use on our internal network and web server.

Operating System and Desktop Environment

As stated above, we will be making use of Debian 7.5 for our server operating system, and we will either log in remotely to a shell over SSH or directly via a Desktop Environment.

Our Desktop Environment will be LXDE, due to the fact that it is designed to work well with computers on the lower end of the performance spectrum – in my case, I am running my Debian server on a Pentium IV 1.7GHz with 512MB of RAM and 2 drives of 40GB and 160GB each – the latter being used as my data drive and the former to host the operating system. We’ll also be installing Gnome and KDE, which are both very common Desktop Environments.

Network Time

For us to be able to broadcast Coordinated Universal Time on our internal network, we will be using NTP.

DNS Server

For us to be able to host domains on our internal network, we will be using Bind.

At the end of this series, we will have a comprehensive development server for internal use. Note that we are setting up the server behind an existing firewall, making use of the 192.168.100.x range of IP addresses.